Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Nginx reverse proxy wss with ssl
server {
listen 443 ssl;
server_name xxx.xx.io
ssl on;
ssl_certificate /etc/asterisk/certs/xxx.io.pem;
ssl_certificate_key /etc/asterisk/certs/xxx.io.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#prevent 502 bad gateway
#large_client_header_buffers 8 32;
location / {
# prevents 502 bad gateway error
proxy_buffers 8 32k;
proxy_buffer_size 64k;
# redirect all HTTP traffic to localhost:8088;
proxy_pass http://0.0.0.0:8088/ws;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-NginX-Proxy true;
# enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 999999999;
}
}
@imohammedzen

This comment has been minimized.

Copy link

@imohammedzen imohammedzen commented Sep 5, 2018

You might want to remove SSLv2 SSLv3 from ssl_protocols :)

@twelvew12

This comment has been minimized.

Copy link

@twelvew12 twelvew12 commented Jan 4, 2019

Hi
Please help me with the settings provided by you. All IPs 127.0.0.1 are returned ?

@twelvew12

This comment has been minimized.

Copy link

@twelvew12 twelvew12 commented Jan 4, 2019

Please help me

@marcmaceira

This comment has been minimized.

Copy link

@marcmaceira marcmaceira commented May 5, 2019

Recommended changes for line 12:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

@tobyh-g

This comment has been minimized.

Copy link

@tobyh-g tobyh-g commented May 22, 2020

Thanks for this. Your config had the missing key for my issue!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.